Remove token enforcement for true tokenless endpoints

nora-codecov commented 1 month ago

Went through the upload endpoints on API:

endpoints where we want to allow tokenless: I've made sure the method uses get_token_header() which allows None for the token, which will allow tokenless requests through to the api.
endpoints where we don't want to allow tokenless: I've made sure they use get_token_header_or_fail() which does not allow None, so the request will be kicked out before it gets to api. This is not required for the tokenless logic to work, but is nice to have since it prevents junk requests from clogging api.
update: we are going to allow tokenless uploads on all upload related endpoints, so switched them all to get_token_header(). get_token_header_or_fail() is now unused, but I'm leaving it in code for if we need to switch an endpoint back to token required.

https://github.com/codecov/engineering-team/issues/2300

codecov[bot] commented 1 month ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 95.95%. Comparing base (db6ab02) to head (10b24f7). Report is 1 commits behind head on main.

Additional details and impacted files

```diff @@ Coverage Diff @@ ## main #533 +/- ## ======================================= Coverage 95.95% 95.95% ======================================= Files 84 84 Lines 3067 3067 ======================================= Hits 2943 2943 Misses 124 124 ``` | [Flag](https://app.codecov.io/gh/codecov/codecov-cli/pull/533/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=codecov) | Coverage Δ | | |---|---|---| | [python3.10](https://app.codecov.io/gh/codecov/codecov-cli/pull/533/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=codecov) | `96.22% <100.00%> (ø)` | | | [python3.11](https://app.codecov.io/gh/codecov/codecov-cli/pull/533/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=codecov) | `96.21% <100.00%> (ø)` | | | [python3.12](https://app.codecov.io/gh/codecov/codecov-cli/pull/533/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=codecov) | `96.21% <100.00%> (ø)` | | | [python3.8](https://app.codecov.io/gh/codecov/codecov-cli/pull/533/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=codecov) | `96.18% <100.00%> (ø)` | | | [python3.9](https://app.codecov.io/gh/codecov/codecov-cli/pull/533/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=codecov) | `96.18% <100.00%> (ø)` | | | [smart-labels](https://app.codecov.io/gh/codecov/codecov-cli/pull/533/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=codecov) | `95.95% <100.00%> (ø)` | | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=codecov#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

github-actions[bot] commented 1 month ago

:white_check_mark: All tests successful. No failed tests were found.

:mega: Thoughts on this report? Let Codecov know! | Powered by Codecov

thomasrockhu-codecov commented 1 month ago

Agreed, this looks good to me. I'd like to know, however, that this change has been tested on

Public repos from user in the org
Public repos from user outside the org
Dependabot RPs to a repo
Private repos

codecov / codecov-cli

Remove token enforcement for true tokenless endpoints #533

Codecov Report